Can Updated FFIEC Cyber Assessment Tool Help With Other Regulations?

The Federal Financial Institutions Examination Council (FFIEC) released an update to its Cybersecurity Assessment Tool to help financial institutions establish a better baseline to identify their risks and determine their cybersecurity preparedness. The original intent of the Assessment was to provide a repeatable and measurable process for financial institutions to measure their cybersecurity preparedness over time. The updates are a …

Cyber Security Legislation Will Change the Face of Business

As 2017 gets underway, cyber security legislation will strengthen and force businesses to change the way they approach information security.  At the federal level in the United States, the US Congress and President have proposed numerous updates to existing regulations and new regulations to cover all facets of cybersecurity.  These include the Cyber Preparedness Act of 2016, Cybersecurity Systems and …

Securing Information While Sharing

In a recent article entitled “Securing Information for a Shared Services Infrastructure”, Richard Freeman from Ricoh Canada talked about the need to secure information as companies share it internally and externally.  The focus of the article is how an organization must look at balancing the need to efficiently share information without compromising privacy, protection of intellectual property and other sensitive …

Trust and Betrayal – A Tale of Insider Threats

You do complete background checks and go through references as part of your hiring processes. You continually and painstakingly train employees on security and data breach topics to make sure they are educated and will know what to do and not to do during the course of daily business. You even conduct daily auditing of system activity and ensure that you …

Data-Centric Approach Starves Data-Hungry Cybercriminals

In a slideshow recently published in IT Business Edge, breaches within healthcare organizations hit an all-time high in 2015. With healthcare records growing in value, cybercriminals have realized they can get a quick payout by hacking this confidential information and selling it to other malicious actors or groups. Healthcare organizations have become easy targets because they tend to place more …

Concerned about Print Security?

Information security is a tough business.  As technologies evolve and businesses seek to use technology advancements as a competitive edge to be more productive, more efficient and to provide better service to their customers, the bad guys are also innovating with more ingenious ways to get at valuable digital business information.  Security postures are often re-evaluated to add new layers …

Seven Employees at ProMedica Hospitals Breach Patient Information

Recently ProMedica Bixby and Herrick Hospitals contacted 3,472 patients informing them that their private medical records had been improperly accessed by seven employees.  As is standard practice with the breach of patient information, patients received letters from ProMedica explaining the situation, the hospital’s action plan to prevent additional breaches and offering a full year of free credit protection monitoring. The hospital …

FDIC is Adding Digital Rights Management to Arsenal for Data-Centric Security

On Thursday May 12, 2016, the Congressional Subcommittee on Science, Space and Technology held a special hearing in Room 2318 of the Rayburn House Office Building.  The hearing addressed if Americans can trust their private banking information is secure by relying on the Federal Deposit Insurance Corporation (FDIC). During the session, lawmakers stated that the FDIC has a long history …

Healthcare Data Breach – Unauthorized Access for Seven Years

UnityPoint Health-Allen Hospital has made the news very recently as one of the latest healthcare environments that had a data breach. While on the surface this news appears to be just another healthcare data breach, there is something very different about it; the breach occurred over a span of seven years and was only recently discovered and reported. A “former employee” …